<?php

require_once( 'Interfaces.php' );

class Auth {
  private $db = null;

//------------------------------------------------------------------------------  
  public function __construct ( IDatabase $db ) {
    $this->db = $db;
    // does we need info about user if we have it's data in session?
  }

//------------------------------------------------------------------------------
  public function login( $login, $password ) {
    // check login/password pair and 
    $sql = 'SELECT * FROM profiles WHERE login=?;';
    $res = $this->db->get( $sql, array( $login ) );

    if( empty( $res ) )
      return false;
    $hash = md5( $password.$res[0]['salt'] );
    $sql = 'SELECT * FROM profiles WHERE login=? AND hash=?;';

    $res = $this->db->get( $sql, array( $login, $hash ) );
    if( count($res) ) {
      // put in session
      $_SESSION['user'] = $res[0];
      return true;
    }
    else {
      return false;
      // raise an error flag
//      header( 'location: '.$_SERVER['HTTP_REFERER'] );
    }
  }

//------------------------------------------------------------------------------
  public function logout( ) {
  }

  public function user() {
    if( isset( $_SESSION['user'] ) )
      return $_SESSION['user'];
  }
}
?>
